TL;DR
Start with Google Drive access control settings.
Auditing file sharing across Google Workspace starts with enforcing proper Google Drive access control settings, and combining that with continuous visibility into internal and external shares. You’ll need both native tools and smarter solutions to meet compliance and avoid data leakage.
Now for the bigger picture. Google Workspace’s built-in security isn’t bad, but it’s reactive and often too generic. Mid-sized teams that care about Google Drive security or need to prove secure file sharing compliance quickly discover they can’t easily get a clear answer to questions like “What’s shared publicly right now?”. With Sola, you can build a custom app to track exactly that. Ask your question using our AI co-pilot, connect your Google Workspace data, and get instant answers.
Now for the bigger picture. Google Workspace’s built-in security isn’t bad, but it’s reactive and often too generic. Mid-sized teams that care about Google Drive security or need to prove secure file sharing compliance quickly discover they can’t easily get a clear answer to questions like “What’s shared publicly right now?”. With Sola, you can build a custom app to track exactly that. Ask your question using our AI co-pilot, connect your Google Workspace data, and get instant answers.
Sola apps that could help you
Visit the App GalleryUnderstand your native tools
Google Workspace offers two built-in tools to monitor file sharing: the Audit and Investigation Tool, and the Security Investigation Tool. These let you track drive activity logs, filter by user or event type, and export reports.
Sounds fine on paper, until you try to figure out which files are publicly exposed or shared with external domains. You’ll find yourself exporting CSVs and manually sifting through logs. Not ideal.
For organizations that want Google Workspace security without babysitting spreadsheets, this isn’t sustainable. Compliance isn’t just about having logs, it’s about continuously being able to prove you’re not sharing sensitive files with the wrong people. The native tools just weren’t built for that.
Google Drive access control best practices
Start by disabling public link sharing by default and restricting sharing to trusted domains. Enable DLP (Data Loss Prevention) to scan for sensitive content before it leaves your org. Enforce MFA across all accounts, and turn on context-aware access policies.
Next, automate detection of risky sharing behaviors. This includes files shared with personal Gmail accounts, external domains that aren’t partners, or “Anyone with the link” permissions.
Spoiler: This is where Sola’s Google Workspace Files App comes in. You can deploy it in seconds and immediately surface issues like public links or external shares without building a thing. Want to go deeper? Build your own auditing app with Sola’s AI capabilities to answer specific compliance questions. Either way, google drive access control gets a lot easier when you’re the one calling the shots.